How can you automatically generate a malicious .bgi file using PowerShell?

You can write a PowerShell script that reads the fixed header (0x00000000 to 0x00000300) from a known `.bgi` template, encodes it as Base64, then decodes and writes it to a new file. Using `[System.IO.File]::WriteAllBytes()` and `[System.IO.FileStream]`, you append the flag byte (calculated as `path_length + 2`) and the VBS script path, then overwrite trailing `0D0A` bytes with nulls. This automation removes the need for manual GUI steps. The article Study Notes of using BGInfo to bypass Application Whitelisting provides the complete PowerShell code for this process.